CVE-2014-0028

2014-01-2418:55:00

Debian Security Bug Tracker

security-tracker.debian.org

0.003 Low

EPSS

Percentile

69.8%

JSON

libvirt 1.1.1 through 1.2.0 allows context-dependent attackers to bypass the domain:getattr and connect:search_domains restrictions in ACLs and obtain sensitive domain object information via a request to the (1) virConnectDomainEventRegister and (2) virConnectDomainEventRegisterAny functions in the event registration API.

OSVersionArchitecturePackageVersionFilename
Debian12alllibvirt< 1.2.1-1libvirt_1.2.1-1_all.deb
Debian11alllibvirt< 1.2.1-1libvirt_1.2.1-1_all.deb
Debian10alllibvirt< 1.2.1-1libvirt_1.2.1-1_all.deb
Debian999alllibvirt< 1.2.1-1libvirt_1.2.1-1_all.deb
Debian13alllibvirt< 1.2.1-1libvirt_1.2.1-1_all.deb

OS	Version	Architecture	Package	Version	Filename
Debian	12	all	libvirt	< 1.2.1-1	libvirt_1.2.1-1_all.deb
Debian	11	all	libvirt	< 1.2.1-1	libvirt_1.2.1-1_all.deb
Debian	10	all	libvirt	< 1.2.1-1	libvirt_1.2.1-1_all.deb
Debian	999	all	libvirt	< 1.2.1-1	libvirt_1.2.1-1_all.deb
Debian	13	all	libvirt	< 1.2.1-1	libvirt_1.2.1-1_all.deb

0.003 Low

EPSS

Percentile

69.8%

JSON

Related for DEBIANCVE:CVE-2014-0028